Filtered by vendor Fujitsu
Subscriptions
Total
79 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-3210 | 4 Fujitsu, Hp, Philips and 1 more | 6 Displayview Click, Displayview Click Suite, Display Assistant and 3 more | 2024-11-21 | N/A |
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. | ||||
CVE-2017-10855 | 2 Fujitsu, Microsoft | 4 Fence-explorer, Windows 10, Windows 7 and 1 more | 2024-11-21 | N/A |
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
CVE-2016-8610 | 7 Debian, Fujitsu, Netapp and 4 more | 55 Debian Linux, M10-1, M10-1 Firmware and 52 more | 2024-11-21 | 7.5 High |
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. | ||||
CVE-2015-2808 | 9 Canonical, Debian, Fujitsu and 6 more | 102 Ubuntu Linux, Debian Linux, Sparc Enterprise M3000 and 99 more | 2024-11-21 | N/A |
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. | ||||
CVE-2014-7254 | 1 Fujitsu | 1 Arrows Me F-11d | 2024-11-21 | N/A |
Unspecified vulnerability in ARROWS Me F-11D allows physically proximate attackers to read or modify flash memory via unknown vectors. | ||||
CVE-2014-7253 | 1 Fujitsu | 4 Arrows Kiss F-03d, Arrows Tab Lte F-01d, F-12c and 1 more | 2024-11-21 | N/A |
FUJITSU F-12C, ARROWS Tab LTE F-01D, ARROWS Kiss F-03D, and REGZA Phone T-01D for Android allows local users to execute arbitrary commands via unspecified vectors. | ||||
CVE-2014-7252 | 4 Disney Interactive, Fujitsu, Lg and 1 more | 7 Disney Mobile, Arrows Tab Lte F-01d, Arrows X Lte F-05d and 4 more | 2024-11-21 | N/A |
Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local users to execute arbitrary code or read kernel memory via unknown vectors related to userland data and "improper data validation." | ||||
CVE-2014-3898 | 1 Fujitsu | 1 Serverview Operations Manager | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through 6.30.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2013-7105 | 1 Fujitsu | 2 Interstage Application Server, Interstage Studio | 2024-11-21 | N/A |
Buffer overflow in the Interstage HTTP Server log functionality, as used in Fujitsu Interstage Application Server 9.0.0, 9.1.0, 9.2.0, 9.3.1, and 10.0.0; and Interstage Studio 9.0.0, 9.1.0, 9.2.0, and 10.0.0, has unspecified impact and attack vectors related to "ihsrlog/rotatelogs." | ||||
CVE-2013-2566 | 4 Canonical, Fujitsu, Mozilla and 1 more | 24 Ubuntu Linux, M10-1, M10-1 Firmware and 21 more | 2024-11-21 | N/A |
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | ||||
CVE-2010-2151 | 1 Fujitsu | 1 E-pares | 2024-11-21 | N/A |
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors. | ||||
CVE-2010-2150 | 1 Fujitsu | 1 E-pares | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2010-2149 | 1 Fujitsu | 1 E-pares | 2024-11-21 | N/A |
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
CVE-2010-1942 | 1 Fujitsu | 1 Interstage Application Server | 2024-11-21 | N/A |
Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.0 through 7.0, as used in Interstage Application Framework Suite, Interstage Business Application Server, and Interstage List Manager, allows attackers to obtain sensitive information or force invalid requests to be processed via unknown vectors related to unspecified invalid requests and settings on the load balancing device. | ||||
CVE-2009-0868 | 3 Fujitsu, Microsoft, Sun | 3 Jasmine2000, Windows, Solaris | 2024-11-21 | N/A |
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors. | ||||
CVE-2009-0867 | 1 Fujitsu | 1 Enhanced Support Facility | 2024-11-21 | N/A |
The HRM-S service in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 allows remote attackers to obtain (1) hardware and (2) software information via unspecified requests in a client connection. | ||||
CVE-2009-0271 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-11-21 | N/A |
Directory traversal vulnerability in the TFTP service in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors. | ||||
CVE-2009-0270 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-11-21 | N/A |
Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet. | ||||
CVE-2009-0264 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-11-21 | N/A |
Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors. | ||||
CVE-2008-7195 | 1 Fujitsu | 1 Interstage Application Server | 2024-11-21 | N/A |
Unspecified vulnerability in Fujitsu Interstage HTTP Server, as used in Interstage Application Server Enterprise Edition 7.0.1 for Solaris, allows attackers to cause a denial of service via unknown vectors related to SSL. |